Questions tagged [checkpoint]
network security components including Firewall
64
questions
34
votes
7
answers
112k
views
Checkpoint VPN Linux Client
Is there a Linux client for Checkpoint VPN? Preferably for Ubuntu?
12
votes
5
answers
2k
views
Reviewing firewall rules
I need to review firewall rules of a CheckPoint firewall for a customer (with 200+ rules).
I have used FWDoc in the past to extract the rules and convert them to other formats but there was some ...
7
votes
1
answer
23k
views
Checkpoint VPN on Linux
I need to setup a Checkpoint VPN client with a customer who gave me these settings:
Authentication Type: P12 certificate
Password: *****
Peer Site: IP_ADDRESS
They tell me the VPN server is:
IPSO 6....
4
votes
4
answers
959
views
When does a database data file get written to?
I was using perfmon to monitor writes per second on a LUN containing a single SQL2005 database data file. I was under the assumption that database files are only written to during checkpoints or by ...
4
votes
3
answers
3k
views
Home workers requiring simultaneous office VPN and local network access
I now have a large number of remote users that are using a Check Point Secure Client VPN connection into the office. These users also need access to network resources attached to their local router/...
4
votes
0
answers
1k
views
Windows - Log services access to certificate store
I have a software which run as a service (Checkpoint Identity Awareness) which connects to a server and verifies its identity (actually a checkpoint firewall) by checking its certificate, like any ...
3
votes
3
answers
5k
views
Manual NAT on Checkpoint (Redirect all http requests to a local web server)
We have a proxy server in our internal network and I want to redirect all internet http requests to a web server in local network. It'll be like a Network Billboard that says "No direct connection is ...
3
votes
0
answers
977
views
Can I replace CheckPoint's SSL Network Extender (client) with some vanilla linux software?
I used to run CheckPoint's SSL Network Extender to connect to a customer's network, but it looks like 64bit support for Linux is nowhere in sight. Could I use something else to connect, e.g. OpenVPN?
2
votes
1
answer
362
views
Win Server 2016 Hyper-V checkpoints - using them in production
Sysadmins have known for a long time that snapshots, or as they are now called, "Checkpoints" are excellent for dev / testing, but not suitable for use in production as they require a chain of VHDX ...
2
votes
2
answers
3k
views
L2TP VPN routing issue with iphone/ipad
I am able to connect to our company's VPN with L2TP on the iphone and ipad, however, I can only get to certain resources in our company network but not others.
After looking at the iOS device logs ...
2
votes
2
answers
7k
views
Site to Site VPN Gateway - Checkpoint R60 and OpenVPN
I'm new with this kind of stuff, I'm usually only configure VPN client connect to server, but this time I have to make Site to Site VPN gateway, and I'm very clueless about this. Anyone know where I ...
2
votes
3
answers
5k
views
Site to site (Checkpoint -- CIsco ASA 5505) problem
I am not able to get a S2S connection between my Central office (Checkpoint R65) to my remote office (Cisco ASA 5505). Currently in testing phase, the Cisco box is also at my office, but connected to ...
2
votes
1
answer
41k
views
How to find Check Point firewall version from command line
On Check Point firewall's command line, how can I find its version?
Major version, minor version and optionally build number.
2
votes
3
answers
4k
views
Tracking changes to firewall configs?
Myself and one other indivdual will be taking over some of the daily firewall management duties soon and I'm looking for a way to track changes on our firewall configurations for auditing purposes and ...
2
votes
1
answer
2k
views
Checkpoint Hide NAT feature and dynamic source port selection
Checkpoint firewall have two NAT modes: Static NAT (1-to-1 internal IP to external IP) and Hide NAT, which is called "overload" in the Cisco and so on.
It is not being said in clear, but it seems ...
2
votes
1
answer
1k
views
SQL Server 2008 process list - Is this normal?
I'm very new to SQL Server, and just wondered if anyone could tell me if this process list is normal.
Wait Time | Last Wait Type | dbid
55372252 | ONDEMAND_TASK_QUEUE | 1
55371504 | ...
2
votes
2
answers
3k
views
How to control/check CheckPoint rules changes (and another System events)
I need to check/control all system events on many CheckPoint FW1 - don't misunderstand - not rules triggering, but events such admins log on, rules changes and etc.
I found out that I can make an log ...
2
votes
2
answers
2k
views
Checkpoint dropping traffic
I have R65 installed on Solaris 9, on Sun4u. It's currently running into an issue where during long connections (I think. It doesn't appear to do this to all connections, and I can't work out what the ...
2
votes
1
answer
383
views
Will a Checkpoint Safe@Office 500WP Respond to Site to Site VPN (IPSec) on WAN2?
Pretty simple - if I have two WANs, will the site-to-site VPN work if I specify the WAN2 IP address? (It currently works with the WAN1 IP.)
1
vote
2
answers
150
views
Strange Firewall Issue
We have put a web server in place on a network, it was recently moved from a testing environment in another subnet to a different office. Now that we have the server in place, we can access it via its ...
1
vote
2
answers
538
views
Checkpoint - Routing into the tunnel
I have a simple question for my checkpoint infrastructure.
Do i have to route a net which i wanna access over a configured firewall VPN Tunnel.
Explanation:
I have two firewalls connected over a ...
1
vote
3
answers
13k
views
How do I re-enable fast user switching
I am running Windows7 RC1, I have recently installed CheckPoint VPN SecureClient (http://www.checkpoint.com/products/vpn-1_clients/) to connect to my work network. On installation this appears to have ...
1
vote
1
answer
238
views
Ideal VPN setup for multiplatform and geo distributed network of servers and clients
As per subject. To give you an idea of what type of devices and client OSes.
Servers/network devices: Windows, Linux servers; Juniper, Cisco, Checkpoint Routers/Firewalls
Clients: Windows, Linux, ...
1
vote
2
answers
6k
views
Can't ping gateway once VPN established
I have two servers:
Checkpoint Safe@Office 500 with ip x.x.x.x and local network a.a.a.a/24
Cisco ASA5505 with ip y.y.y.y and local network b.b.b.b/28
Before setting up a vpn I was able to ping y.y....
1
vote
1
answer
834
views
checkpoint utm-1 edge concurrent users
I am considering to buy a UTM-1 firewall. However, I didnt get exactly what concurrent users mean. There are three models for Concurrent Users 16/32 or Unlimited. What does this mean ? How is ...
1
vote
2
answers
700
views
Checkpoint FW1 logging
When I view the logs created for my checkpoint fw1, does it log connections on receiving the syn, or does it wait till the three way handshake completes? If it logs after the syn, is there anyway of ...
1
vote
1
answer
393
views
Checkpoint - Wifi Bridge mode kills round trip requests?
I'm fairly sure this is either a NAT or routing question, but it's one that continually has me stumped.
The hardware is a Checkpoint Safe@Office firewall. The default mode of operation is that wired ...
1
vote
2
answers
2k
views
Checkpoint R75 Security Gateway without default route
I've set up a virtual lab network in vmware with two networks. vmnet2 (192.168.100.0/24) and vmnet3 (192.168.200.0/24).
My R75 is having the ip addresses 192.168.100.1 and 192.168.200.1, and is the ...
1
vote
1
answer
381
views
CheckPoint SecuRemote behind ISA 2006
Has anyone successfully got this to work? The VPN client uses UDP encapsulation and adds an 8 byte header to the encrypted packet, which ISA then strips out. the remote gateway then rejects the ...
1
vote
0
answers
39
views
Recover files from Hyper-V VM checkpoints
this is my first time posting here, so apologize in advance if I am doing something wrong.
Here is our environment
Hyper V host server
windows server 2019 standard
HP ProLiant DL380p Gen8
2x Xeon E5-...
1
vote
0
answers
531
views
Configuring Checkpoint VPN MacOS without Checkpoint client
Is there a way to connect to a Checkpoint VPN on a Mac without installing their client software?
I'm on OSX Ventura 13.0.1 with an M2 chipset. Their latest client E86.50 doesn't support Apple Silicon, ...
1
vote
0
answers
140
views
SIP traffic and firewall rules
We have Cisco Expressway-Edge devices handling videoconferencing traffic with the outside world. This all goes through a Checkpoint firewall. The intention is that the inside endpoints can initiate ...
1
vote
0
answers
159
views
Is there a way to tell what process changed a route in Windows 7?
I have a situation where our Windows 7 clients (Windows 10 works ok) are having intermittent connectivity issues when connecting over our Checkpoint Endpoint Connect VPN. The issue manifests itself as ...
1
vote
1
answer
968
views
Hyper-V 2012 R2 windows backup lingering checkpoints
I have a Windows 2012 R2 Hyper-V server that has two virtual machines running.
I have Windows backup configured to do a full bare metal backup of the Hyper-V server to USB disk.
Every few weeks the ...
1
vote
0
answers
941
views
Fresh install of CheckPoint Gaia r77 on VMware Workstation, no internet?
Hi I'm a complete noob to CP, Gaia and Firewalls.
I installed Gaia on VMware Workstation 12. I added 2 NIC on it:
First NIC is 10.34.x.x Custom network and I seem to be able to manage Gaia through a ...
1
vote
1
answer
111
views
Opening in Checkpoint firewall
I have a server with address 80.39.X.X that I want to give access to another server range in my network: 10.1.16.0/24.
They are both in my network, behind a Checkpoint firewall.
When I try to reach ...
1
vote
0
answers
744
views
CheckPoint Firewall R71: Is it possible to reserve an IP for a specific MAC address on a VPN session?
My Checkpoint firewall is configured to allow users to open the GUI (Smart Dashboard) only if their IP is on the allowed list.
Whenever I work from home (I use the CheckPoint SNX client on an Ubuntu ...
1
vote
0
answers
723
views
Checkpoint NGX FW1 Routing Between Networks
We have an old Checkpoint NGX FW1 firewall which we have to maintain. For the most part we leave it alone and it just chuggs away and works. The person who originally set it up left years ago and we'...
0
votes
1
answer
2k
views
Memory usage on my firewall [duplicate]
I have a memory usage problem with my Checkpoint Firewall (it's a physical firewall).
On my monitoring software OPManager I can see that 94% of my memory is used.
In SSH, when i enter this command : ...
0
votes
1
answer
169
views
Identify Deprecated Rules on Checkpoint Firewall
I've been asked to find the deprecated rules among the thousands of rules in our Checkpoint firewall.
I could do it by writing a perl program to analyze the log and lists of objects & rules, but ...
0
votes
2
answers
647
views
Can I NAT multiple Linux clients through a Windows VPN client to a remote network?
Here's the situation:
My org has a Check Point firewall. I can only connect to it using Windows, despite making attempts with Openswan. Is there a way I can use the Windows box to VPN into my org ...
0
votes
1
answer
14k
views
VPN from ASA5505-Checkpoint failing after one hour
I have an IPsec site-site VPN set up and working, however I'm having problems once the connection has been established for over an hour. After an hour ASDM still thinks the VPN is connected and the ...
0
votes
6
answers
8k
views
IPSecuritas Mac OS X Snow Leopard CheckPoint VPN
I used to use CheckPoint's VPN client on my Mac OS X (Leopard), but recently I upgraded to Snow Leopard, my VPN client stop working right after that, so I downloaded IPSecuritas and after some time I ...
0
votes
1
answer
168
views
Checkpoint - Automatic NAT
I have a checkpoint firewall (R75, Splat) that has a server published with Automatic NAT enabled, however I'm unable to connect to external websites.
Traffic leaves the firewall ok but the Internet ...
0
votes
1
answer
1k
views
Setup a very Basic DMZ for WordPress
We are thinking of switching our corporate website from externally hosted and designed, to an internal WordPress server. This is so we can maintain direct control, as well as run our own traffic ...
0
votes
1
answer
997
views
CheckPoint/Amazon VPC VPN tunnel working inconsistently
First time poster, so please be gentle and correct me if there's Server Fault etiquette I'm missing.
We have two CheckPoint edge devices at sites A & B, independently managed, connecting to two ...
0
votes
2
answers
6k
views
CheckPoint Endpoint Security VPN client co-existing with Windows VPN
Hey guys, I work as a consultant for a firm with a Checkpoint firewall. I have downloaded and installed the Checkpoint Endpoint Security VPN client. During the installation, I answered no to any ...
0
votes
1
answer
3k
views
Checkpoint VPN-1 R60 and Windows 7 64 Bit Client
As per my knowledge of checkpoint VPN-1. My company is using checkpoint VPN-1 R 60 ( I guess as I dont know how to check server version) Firewall(VPN Server). Now the problem is that I installed ...
0
votes
1
answer
349
views
copying policy from device on checkpoint
Is there a way to copy a firewall policy from a managed device to the managing machine, using the dashboard? I realise that you can view the policy on any of the managed devices, but there doesn't ...
0
votes
0
answers
26
views
firewall resources saturation because of huge downloads by users
My Check Point company firewall which serves about 150 client/servers, is experiencing loading problems and saturates all cpu resources, which brings to a web interface fall down and unability to ...